Copyright Goodheart-Willcox Co., Inc. 481 Chapter 15 Network Security

Security Tools

There are numerous security tools available on the market that are designed to identify common network security weaknesses by probing the network and searching for vulnerabilities. The tools are similar to tools used by hackers and crackers to probe a network. Security tools can help you determine if a potential problem exists. One such tool is GFI LANguard. In Figure 15-24, the GFI LANguard utility has revealed some potential problems that exist on a network. Since this information is taken from an actual site, the IP address has been blocked out for protection. As shown in the image, numerous possible security problems exist on this network. A person with some expertise could easily penetrate this site and cause a tremendous amount of damage. GFI LANguard is designed to check security problems on the local area network, but can be used by a hacker or cracker as well.

Figure 15-24 The GFI LANguard utility can be used to check for security problems on a local area network. Goodheart-Willcox Publisher

Netstat Utility

The netstat utility can help determine which ports are open on a computer. To check for open ports using the netstat utility, enter netstat -a at the command prompt. A display will appear similar to the one in Figure 15-25, which shows the TCP protocol, the port number of each port currently opened, and the name of the computer associated with the protocol. Any port listed that is not being used should be closed. A utility that periodically detects open ports and alerts you to unauthorized intrusions should also be used.

Audit Tools

User authentication and encryption may not be a sufficient measure of security. A system of auditing user activities should also be established. Not all network attacks or probes come from outside the network. Many network attacks come from inside the network by employees.
The activities of users or intruders can be recorded in a log, or the network can be configured to generate messages to alert the administrator of a possible attack. Activities such as repeated logon failures can typically indicate intruder activity.
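The periodic open-port check recommended under Netstat Utility above, as an added example that is not from the textbook: it parses netstat -a output and reports open ports that are missing from an allowlist. The sample output, the host names and the APPROVED list are constructed assumptions.

```python
import re

# Constructed sample of Windows `netstat -a` output (hosts and ports are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            LAB-PC:0               LISTENING
  TCP    0.0.0.0:445            LAB-PC:0               LISTENING
  TCP    0.0.0.0:3389           LAB-PC:0               LISTENING
  TCP    192.168.1.20:139       LAB-PC:0               LISTENING
  TCP    192.168.1.20:49712     fileserver:microsoft-ds  ESTABLISHED
  TCP    [::]:5357              LAB-PC:0               LISTENING
  UDP    0.0.0.0:123            *:*
  UDP    0.0.0.0:5353           *:*
"""

# Hypothetical allowlist: (protocol, port) pairs the administrator expects open.
APPROVED = {("TCP", 135), ("TCP", 139), ("TCP", 445), ("UDP", 123)}

# Proto, local address, foreign address, optional state (UDP rows have none).
LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")

def open_ports(netstat_text):
    """Return the set of (proto, port) endpoints that accept traffic."""
    found = set()
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # banner, column header or blank line
        proto, local, _foreign, state = m.groups()
        # A TCP port is open only when LISTENING; outbound sessions are skipped.
        if proto == "TCP" and state != "LISTENING":
            continue
        port = local.rsplit(":", 1)[1]  # rsplit copes with IPv6 such as [::]:5357
        # Without -n, netstat may print a service name instead of a number;
        # keep the name so the entry is still flagged for manual review.
        found.add((proto, int(port) if port.isdigit() else port))
    return found

def unapproved(netstat_text, approved=APPROVED):
    """Open endpoints that are not on the allowlist, sorted for stable reports."""
    return sorted(open_ports(netstat_text) - set(approved), key=str)

if __name__ == "__main__":
    for proto, port in unapproved(SAMPLE):
        print(f"ALERT: unexpected open port {proto}/{port}")
```

Run on a schedule against fresh netstat output, the same comparison alerts whenever a port opens that nobody approved.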